using Microsoft.AspNetCore.Authorization;
using mvcincode.Auth.Requirement;
using mvcincode.Models;

namespace mvcincode.Auth.Handler;

public class SameAuthorHandler : AuthorizationHandler<SameAuthorRequirement, Document>
{
    protected override Task HandleRequirementAsync(AuthorizationHandlerContext context
        , SameAuthorRequirement requirement
        , Document resource)
    {
        // 如果当前登录的用户名称就是资源的名称，就认为是授权认证成功
        if (context.User.Identity?.Name == resource.Author)
        {
            context.Succeed(requirement);
        }

        return Task.CompletedTask;
    }
}